Security Engineer 2 (Cyber Threat Intelligence)

TL;DR

Security Engineer 2 (Cyber Threat Intelligence): Identifying, analyzing, and operationalizing intelligence on threat actors and emerging campaigns with an accent on technical analysis, automation tooling, and infrastructure analysis. Focus on operationalizing intelligence into detections, conducting threat hunting for cloud-native threats, and analyzing Linux and MacOS malware.

Location: Hybrid in New York, NY, USA. Candidates must be eligible for any required authorizations from the US government to conform to US export control regulations.

Salary: $140,000 — $195,000 USD

Company

A monitoring and security platform for cloud-scale applications.

What you will do

• Develop and maintain tooling to automate the collection, processing, analysis, and dissemination of threat intelligence.
• Assess emerging vulnerabilities and threat activity to evaluate potential impact on the organization.
• Conduct threat hunting and infrastructure analysis to identify relevant adversary activity and improve defensive controls.
• Partner with security teams to operationalize intelligence into detections, investigations, and response workflows.
• Coordinate with information-sharing communities to gather and evaluate actionable intelligence.
• Produce technical briefings, threat reports, and intelligence products for security and engineering stakeholders.

Requirements

• Experience writing and presenting operational and technical intelligence for threat detection and response.
• Skill in partnering with detection and response teams to improve playbooks based on adversary TTPs.
• Familiarity with information-sharing communities and TLP-designated intelligence handling.
• Experience responding to large-scale threats, such as supply chain compromises and industry-wide campaigns.
• Experience in dynamic and static analysis of Linux and MacOS malware, including tracking cloud-native threat actors.
• Proficiency in developing threat intelligence tooling and automation via software development and scripting.

Nice to have

• Experience presenting at security conferences and publishing threat research.
• Experience with malware reverse engineering.

Culture & Benefits

• Hybrid workplace model to support work-life harmony.
• Comprehensive healthcare, dental, parental planning, and mental health benefits.
• 401(k) plan with company match.
• Paid time off and fitness reimbursements.
• Discounted employee stock purchase plan.